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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )^| Responsive to communication(s) filed on 28 July 2009 . 
2a )□ This action is FINAL. 2b)£3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^3 Claim(s) 1 and 18-37 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) |EI Claim(s) 1, 18-37 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) L~H The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)^ accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 0 Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

The Request for Continued Prosecution has been Accepted and Entered. 

Response to Arguments 

Applicant's arguments with respect to claims 1, 27, 37 have been considered but are moot 
in view of the new ground(s) of rejection in view of Kuhn US 6,023,765 

Claim Rejections - 35 USC § 101 
35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

the claimed invention is directed to non-statutory subject matter. A process qualifies to be 
considered for patenting only if it (1) is implemented with a particular machine, that is, one 
specifically devised and adapted to carry out the process in a way that is not concededly 
conventional and is not trivial; or else (2) transforms an article from one thing or state to another. 
Claims 1, 27, and 37 are rejected because they do not contain any form of computer hardware. 
Inclusion of a Processor or other computer hardware consistent with the specification will 
overcome this rejection. 



Claim Rejections - 35 USC § 112 

The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 
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The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

Claims 25, and 35 rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. The claims state "functionality to support desired functionality" the examiner 
interprets this is the broadest reasonable way to mean computer functions to support access to 
data. It is unclear what the applicants intention is. 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1, 19, 20, 24, 25-27, 29, 30, 34, 35, 36 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Davis US 6,367,009 in view of Schneider US 
6,178,505 in view of Kuhn US 6,023,765. 

As per claims 1, and 27, Davis discloses an MTS or middle tier server, verifying a users ID 
through a digital certificate submitted by the client, (authentication component), (Col 1 1 
lines 39-43). Davis also discloses the ETS or end tier server verifying the users ID through 
use of a digital certificate, (Col 13 lines 27-31). Davis teaches that the ETS uses access 
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control comprising a list of authorized users, (directory), (Col 13 lines 35-39). Davis 
discloses that if the user is not on the access control list, the system will restrict access, 
(access control system), (Col 13 lines 40-42). 

Schneider teaches a system in which a users are permitted access to at least one portion of 
a computer site. Schneider teaches a database (directory) of user accounts wherein the 
user is assigned a group and is allowed access to data said group is permitted to access. 
(Col 12 lines 10-33, 54-59). 

It would be obvious to one skilled in the art to modify the system of Davis with the user 
account access control of Schneider because ACL's do not provide the level of security 
and flexibility that user accounts do. 

Kuhn teaches using an access policy to provide tiered access for a plurality of security 
levels over different sets of users (Col 6 lines 35-60). 

It would have been obvious to one of ordinary skill in the art to use Kuhn with the 
previous combination because it allows the convenience and organization of the role 
based system of Schneider with the proven security improvements of security levels (Col 
5 lines 10-15). 

As per claim 19, 29, Schneider teaches that users are categorized into discrete sets 
granted access to a particular portion of the computer according to the access policy. 

As per claim 20, 30, Schnieder teaches the system is configured to use information 
relating to the user to present tot the user personalized information. 
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As per claims 24 and 34, Schneider teaches the account containing an IP address (Col 23 
lines 15-25). 

As per claims 25, and 35 Schneider teaches the system is configured to provide 
functionality to support the desired functionality of the users (Col 12 lines 20-40). 

As per claims 26, 36 Davis teaches that the certificate authorization is automated (no 
human is involved in the process) (Col 13 lines 15-25). 

Claims 21, 22, 31, 32, and 37 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Davis US 6,367009 in view of Schneider US 6,178,505 in view 
of Kuhn US 6,023,765 in view of GUPTA US 2001/0020242. 

As per claims 21,22, 31, and 32, the previous combination teaches user groups but 
not specifically user preferences. 

Gupta teaches user preferences, and displaying new products or information related to 
the users field of interest based on those preferences [0062], [0064], [0075] 

It would have been obvious to one of ordinary skill in the art to use the 
preferences of Gupta with the previous system because it is more efficient to send the 
user tailored information, then send general information. 



As per claim 37, 
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Davis discloses an MTS or middle tier server, verifying a users ID through a digital 
certificate submitted by the client, (authentication component), (Col 1 1 lines 39-43). Davis 
also discloses the ETS or end tier server verifying the users ID through use of a digital 
certificate, (Col 13 lines 27-31). Davis teaches that the ETS uses access control comprising a 
list of authorized users, (directory), (Col 13 lines 35-39). Davis discloses that if the user is 
not on the access control list, the system will restrict access, (access control system), (Col 13 
lines 40-42). 

Schneider teaches a system in which a users are permitted access to at least one portion of 
a computer site. Schneider teaches a database (directory) of user accounts wherein the 
user is assigned a group and is allowed access to data said group is permitted to access. 
(Col 12 lines 10-33, 54-59). 

It would be obvious to one skilled in the art to modify the system of Davis with the user 
account access control of Schneider because ACL's do not provide the level of security 
and flexibility that user accounts do. 

Kuhn teaches using an access polict to provide tiered access for a plurality of security 
levels over different sets of users (Col 6 lines 35-60). 

It would have been obvious to one of ordinary skill in the art to use Kuhn with the 
previous combination because it allows the convenience and organization of the role 
based system of Schneider with the proven security improvements of security levels (Col 
5 lines 10-15). 

Gupta teaches user preferences, and displaying new products or information related to 
the users field of interest based on those preferences [0062], [0064], [0075] 
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It would have been obvious to one of ordinary skill in the art to use the 
preferences of Gupta with the previous system because it is more efficient to send the 
user tailored information, then send general information. 



Claims 18, 23, 28, 33 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Davis US 6,367,009 in view of Schneider US 6,178,505 in view of Kuhn US 6,023,765 
in view of Ginzboorg US 6,240,091. 

As per claims 18, 28 Davis does not teach a log system to record user actions in a computer 
site. 

Ginzboorg discloses by means of charging records, a log system to record user interaction 
with a computer site including a digital signature and timestamp for a transaction, (Col 8 
lines 22-26, Col 11 lines 17-21, Col 12 lines 24-28). 

It would have been obvious to one skilled in the art to modify the access policy of Davis 
with the recording system of Ginzboorg to provide the necessary data for billing purposes 

As per claims 23, and 33, Ginzboorg teaches an archive including purchases made 
(Ginzboorg Col 9 lines 50-55). 
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Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CHRISTOPHER J. BROWN whose telephone number is 
(571)272-3833. The examiner can normally be reached on 8:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached on (571)272-7884. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Christopher J Brown/ 10/6/09 
Primary Examiner, Art Unit 2439 



